Industrial Control System (ICS), as the core of the critical infrastructure,
its vulnerabilities threaten physical world security.
Mutation-based black-box fuzzing is a popular method for vulnerability discovery in ICS,
and the diversification of seeds is crucial to its performance.
However, the ICS devices are dedicated devices whose programs are challenging to get,
protocols are unknown, and execution traces are hard to obtain in real-time.
These restrictions impede seed selection, thereby reducing the efficiency of fuzzing.
Therefore, it has become our primary goal to select a high-quality seed set
containing as few seeds as possible with extensive triggered traces.
In this paper, we present a novel automatic seed selection method called DSS,
selecting high-quality seeds for improving fuzzing efficiency.
The method is based on the observation that dissimilar response messages
are generated by different device execution processes in most cases,
which helps us build the connection of messages discrepancy and execution traces discrepancy to guide DSS.
Expressly, we point out that dissimilar messages are effective indicators of different execution paths.
Therefore, choosing ICS messages with high discrepancy as seeds can bring
more initial execution traces and fewer seeds with the same semantic,
which are essential to black-box fuzzing. Our experiments show that the quantity of seeds selected by DSS
is significantly less than the traditional method when achieving the same trace coverage.